Updates for openssh and selinux-policy fixes issue when SELinux user "guest_t" can run sudo command.
This update has been submitted for testing by lvrabec.
This update has obsoleted openssh-7.2p2-4.fc23, and has inherited its bugs and notes.
lvrabec edited this update.
This update has been pushed to testing.
Nope. This fixes the problem of guest_t running sudo, but breaks the chroot:
guest_t
sudo
https://github.com/fedora-selinux/selinux-policy/commit/ca094ff25a544b684b05aece35a03e132f4c7e1c
this should go to the sshd_t instead.
sshd_t
no regressions noted
This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes
This update has been submitted for testing
wfm
This update has been unpushed.
Please login to add feedback.
Confirm request to re-trigger tests.
This update has been submitted for testing by lvrabec.
This update has obsoleted openssh-7.2p2-4.fc23, and has inherited its bugs and notes.
lvrabec edited this update.
lvrabec edited this update.
lvrabec edited this update.
lvrabec edited this update.
This update has been pushed to testing.
Nope. This fixes the problem of
guest_t
runningsudo
, but breaks the chroot:https://github.com/fedora-selinux/selinux-policy/commit/ca094ff25a544b684b05aece35a03e132f4c7e1c
this should go to the
sshd_t
instead.no regressions noted
This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes
This update has been submitted for testing
wfm
This update has been unpushed.